☆535Jun 6, 2025Updated 9 months ago
Alternatives and similar repositories for rpcfirewall
Users that are interested in rpcfirewall are comparing it to the libraries listed below
Sorting:
- NTLM relaying for Windows made easy☆579Apr 25, 2023Updated 2 years ago
- A repository that maps commonly used attacks using MSRPC protocols to ATT&CK☆343May 30, 2023Updated 2 years ago
- RPC Monitor tool based on Event Tracing for Windows☆384Aug 19, 2024Updated last year
- Check for LDAP protections regarding the relay of NTLM authentication☆530Nov 19, 2024Updated last year
- ☆538Nov 20, 2021Updated 4 years ago
- The swiss army knife of LSASS dumping☆2,071Sep 17, 2024Updated last year
- ☆1,788Aug 30, 2024Updated last year
- ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound via BOFHound, and also supports full-ob…☆1,055Jan 22, 2026Updated last month
- Beacon Object File & C# project to check LDAP signing☆199Aug 7, 2024Updated last year
- A C# utility for interacting with SCCM☆682Aug 20, 2025Updated 6 months ago
- SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature…☆1,254Aug 27, 2023Updated 2 years ago
- ☆477Nov 20, 2022Updated 3 years ago
- Aims to identify sleeping beacons☆662Jan 25, 2026Updated last month
- LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript☆345Sep 1, 2021Updated 4 years ago
- Framework for Kerberos relaying☆936May 29, 2022Updated 3 years ago
- Enumerate and disable common sources of telemetry used by AV/EDR.☆844Mar 11, 2021Updated 4 years ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆186Jun 22, 2022Updated 3 years ago
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆1,401Nov 22, 2023Updated 2 years ago
- ☆828Sep 9, 2022Updated 3 years ago
- A little tool to play with the Seclogon service☆326Jul 10, 2022Updated 3 years ago
- Pass the Hash to a named pipe for token Impersonation☆311Nov 29, 2023Updated 2 years ago
- TCP Port Redirection Utility☆762Jan 31, 2023Updated 3 years ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,607Jul 10, 2023Updated 2 years ago
- Windows Local Privilege Escalation via CdpSvc service (Writeable SYSTEM path Dll Hijacking)☆254Sep 15, 2022Updated 3 years ago
- Tool to bypass LSA Protection (aka Protected Process Light)☆989Dec 4, 2022Updated 3 years ago
- Dump NTDS with golden certificates and UnPAC the hash☆647Mar 20, 2024Updated last year
- Windows Privilege Escalation from User to Domain Admin.☆1,442Dec 18, 2022Updated 3 years ago
- Coerce Windows machines auth via MS-EVEN☆172Jan 17, 2024Updated 2 years ago
- Dump the memory of a PPL with a userland exploit☆889Jul 24, 2022Updated 3 years ago
- Maximizing BloodHound. Max is a good boy.☆532Apr 25, 2025Updated 10 months ago
- DLL Exports Extraction BOF with optional NTFS transactions.☆90Nov 5, 2021Updated 4 years ago
- PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.☆2,186Aug 15, 2024Updated last year
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆374May 24, 2022Updated 3 years ago
- Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, …☆932Nov 11, 2024Updated last year
- A tool to kill antimalware protected processes☆1,505Jun 19, 2021Updated 4 years ago
- Inject .NET assemblies into an existing process☆507Jan 19, 2022Updated 4 years ago
- DLL Hijack Search Order Enumeration BOF☆149Nov 3, 2021Updated 4 years ago
- PowerShell toolkit for AD CS auditing based on the PSPKI toolkit.☆920Feb 28, 2024Updated 2 years ago
- ☆105Jul 31, 2024Updated last year